884181d04c9411903edb043fdebbc6b1_JaffaCakes118

General

Target

884181d04c9411903edb043fdebbc6b1_JaffaCakes118
Size

113KB
MD5

884181d04c9411903edb043fdebbc6b1
SHA1

a726122557e36dc911787df3b142b3b4b7a699ad
SHA256

d10212d55c05f2f7b2d4ba574a7e7a8cadcb96da60c0d60c7cc32e50e64a73a2
SHA512

d7e4c1953aae9a37f11f8a0444e705da79135f37566b347615ad407d7374b281ad6dad51945aebb291cf0cb430bc906969aa604f1dc270c602c3815dc0112168
SSDEEP

1536:qyF7cNfcmQ/iPI0Yc6DhBcm9Vhdzu1p7N3BbLqc63B6/ekBSTanVhsVR:qyF7qQKgNgp7HLqc633dk8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
884181d04c9411903edb043fdebbc6b1_JaffaCakes118

Files

884181d04c9411903edb043fdebbc6b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e547a4e7c3c2a7d570b53d65616ae34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteDC
SaveDC
CreateSolidBrush
PatBlt
SelectPalette
CreatePen
SetMapMode
GetTextMetricsA
CreateCompatibleDC
GetDeviceCaps
SelectObject
LineTo
GetObjectA
SetStretchBltMode
CreateFontIndirectA
SetTextColor
DeleteObject
SetTextAlign
RestoreDC
SetPixel
RectVisible
CreatePalette
GetPixel
GetStockObject
GetClipBox

user32

GetSystemMetrics
GetDesktopWindow
TranslateMessage
CharNextA
GetParent

kernel32

GetModuleHandleA
GetTickCount
RemoveDirectoryA
CopyFileA
GetUserDefaultLangID
GetProcessHeap
GetCurrentProcess
GetConsoleOutputCP
GetThreadLocale
QueryPerformanceCounter
MulDiv
lstrcmpA
lstrcmpiW
GetWindowsDirectoryA
GetVersion
GetCommandLineA
IsDebuggerPresent
lstrlenA
GlobalFindAtomW
RemoveDirectoryW
GetCurrentThreadId
DeleteFileA
GetCurrentThread
GetStartupInfoA
SetCurrentDirectoryA
GetCommandLineW
GetOEMCP
GetDriveTypeA
lstrcmpiA
GetCurrentProcessId
DeleteFileW
GetACP
lstrlenW
GlobalFindAtomA
GetModuleHandleW
VirtualAlloc
VirtualFree

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e547a4e7c3c2a7d570b53d65616ae34

Headers

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 14KB - Virtual size: 13KB